[sudo-users] auditing the group which gave a user sudo
ed-sudo at s5h.net
Fri May 10 10:19:21 MDT 2019
On Fri, May 10, 2019 at 06:33:59am -0700, Rohit Bansal wrote:
> When i look at syslog, it gives the command and the primary group of
> the user, but does not give which group policy allowed a user to get
> sudo. We have tried a run sudo in debug mode as well but even that
> does not spit out the policy which was evaluated to allow the specific
> sudo execution.
Try cvtsudoers, there's a post from March relating to this.
More information about the sudo-users